Product Security

Keep your data and applications private, secure, & compliant in the cloud

Product Security Chart

You have your own business to worry about. Since cloud is our business, CallidusCloud protects your data with more security measures than you could ever adopt. We ensure compliance with all data privacy and data security regulations, employ third party specialists to routinely test our environments, undergo extensive security audits, and support multiple levels of access controls and data handling procedures that maintain data integrity and prevent misuse. Some of the world’s largest customers entrust CallidusCloud with their data.

Download PDF

What makes CallidusCloud security better?

Partner with a TRUSTED cloud provider

We keep you PROTECTED

PHYSICAL SECURITY

CallidusCloud partners with localized world leaders in co-location hosting centers to provide environmentally controlled, secure facilities that use an integrated security management system. This includes electronic photo ID badging, cardholder access control, biometrics, recorded digital video surveillance, and alarm monitoring. All enterprise customers are hosted in data centers that are ANSI TIA/EIA-942 Tier III+ rated facilities. They provide continuous monitoring, 24-hour, year-round onsite security personnel, and intrusion detection alarm systems. In addition, the facilities include safeguards that:

  1. BLOCK ILLEGAL ENTRY via biometric readers, and bulletproof walls,
  2. IMMEDIATELY ACT ON SECURITY BREACHES through the use of silent alarms.
  3. AVOID DOWNTIME with redundant power links to local utilities, backup batteries, and uninterruptible power supplies
  4. PROVIDE A SHIELD against fire, natural disasters, and weather shifts with fire suppression systems; environment monitoring; and earthquake-safe designs
  5. PROVIDE ENHANCED BACKUP AND RESTORE CallidusCloud runs full and incremental data backups daily or weekly and full archive logs backups daily, where applicable. Back up data is stored on an encrypted disk using AES 256-bit encryption. This data is available for rapid reimplementation and system restores if needed for any reason.

DATABASE SECURITY

Database environments used in cloud computing can vary significantly. CallidusCloud secures data while at rest, in transit, and in use, and implements strict measures for:

  1. ACCESS CONTROL All access to information processing facilities and business processes are controlled according to business and security requirements.
  2. DATABASE AUDITS Regular database audits allow CallidusCloud to maintain records demonstrating proof of origin.
  3. DATA ENCRYPTION CallidusCloud solutions use a minimum of Advanced Encryption Standard (AES) 256-bit encryption to secure data at the block level of the storage systems.

APPLICATION SECURITY

CallidusCloud applications employ extensive security measures to protect against the loss, misuse, and unauthorized alteration of data. CallidusCloud ensures security through continuous software testing to:

DATA SEGREGATION INTRUSION PREVENTION BUSINESS CONTINUITY

  1. PROTECT AGAINST IMPROPER LOGINS by requiring user logins each time the application is opened, by using automatic logouts after thirty minutes and account locks after multiple failed logins.
  2. PROVIDE BEST PRACTICE SECURITY at all levels (function, transaction, field, and data) by using role-based permissions (RBP).
  3. REPEL ATTACKS in application-level firewalls to prevent SQL injection and cross-site scripting attacks and test applications using OWASP.

MIDDLEWARE SECURITY

The architecture of the software and hardware used to deliver cloud services can vary significantly among public cloud providers. Therefore, it is important to understand the technologies the cloud provider uses to provision services and the implications they have on the security and privacy of the system throughout its lifecycle. CallidusCloud ensures that proper safeguards are in place to enforce authentication, authorization, and other identity- and access-management functions, including:

  1. MULTIFACTOR AUTHENTICATION, which is required for administrators who manage the production environment
  2. SINGLE SIGN-ON AND IDENTITY FEDERATION, which allows you to authenticate directly from your existing authorizing system, via Lightweight Directory Access Protocol (LDAP), tokens, or Security Assertion Markup Language (SAML 2.0)
  3. SAML 2.0 ASSERTION, which allows you to authenticate users using your choice of identity provider and provides a standard mechanism to safely transmit the identity information to CallidusCloud
  4. SECURE SOCKET LAYER (SSL) TECHNOLOGY, which protects application information accessed through a browser using server authentication and data encryption

NETWORK SECURITY

CallidusCloud uses industry-leading routers, switches, and load balancers that are configured to provide secure, highly available access. Then, we ensure that every component of the IT network – from the point of entry to the place where information is stored – is meticulously configured, deployed, maintained, and continually tested for optimal performance. Finally, CallidusCloud takes extra steps to:

  1. REINFORCE SECURITY with redundant connections to multiple Tier 1 Internet service providers (ISPs) for highly available network access. All network equipment is redundant, providing seamless failover between devices.
  2. PROTECT NETWORK AND APPLICATIONS through Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS), network vulnerability scanning, and third-Party penetration tests.
  3. MITIGATE AGAINST DENIAL OF SERVICE ATTACKS by using a major third-party provider to deliver a scalable, fault-tolerant global Domain Name System (DNS) and Service Level Agreements (SLAs) with our Internet service providers (ISPs) for DoS response and mitigation support.

CallidusCloud builds security into every layer of its solutions:

Ready to see more?
Request a Meeting to learn about CallidusCloud products.
Get Started
Schedule your custom demo with a customer experience management expert now.
Schedule